lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Tue, 17 Jan 2017 18:21:01 +0200
From:   Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
To:     Ken Goldman <kgoldman@...ibm.com>
Cc:     tpmdd-devel@...ts.sourceforge.net,
        linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [tpmdd-devel] [PATCH] tpm: add session handles to the save and
 restore of the tpm2 space manager

On Tue, Jan 17, 2017 at 09:01:59AM -0500, Ken Goldman wrote:
> On 1/16/2017 6:18 PM, James Bottomley wrote:
> >
> > Basically this means that the advice to virtualize session handles
> > in the TCG RM document is wrong and we have to use physical handles.
> > I'll redo the implementation for this ... and now, since we'll have
> > nothing to use as an index, it probably does make sense to have
> > sessions in a separate array.  I can also separate isolation from
> > context switching ... although I really think this is less optimal:
> > my TPM only allows three active context handles, so if we don't
> > context switch them identically to transient object (which it also
> > only allows three of) I'm going to run out.  I actually redid my
> > openssl_tpm_engine patches so they use session handles for parameter
> > encryption and HMAC based authority, so this may end up biting me
> > soon ...
> 
> I think you have to context save sessions, just as you do with transient 
> objects.  Otherwise, only one process at a time can connect.

Isolation is self-contained step that can be tested and possible
regressions catched.

I could even consider landing isolation in one release and swapping in
subsequent in order to keep the release content more digestable for
upper layer maintainers and risk of causing major regressions small.

/Jarkko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ